https://connect.hyland.com/t5/alfresco-archive/alfresco-s-webdav-with-cas-sso/m-p/220010#M173140 <HTML><HEAD></HEAD><BODY><SPAN>Hi guys,</SPAN><BR /><BR /><SPAN>I've configured alfresco + CAS already, so using only the "alfresco web interface" it's working fine. We use Alfresco's WebDAV a lot but after configuring CAS i can't use WebDAV anymore since in the apache2 configuration file i had to put these lines:</SPAN><BR /><BR /><SPAN>JkMount /alfresco ajp13</SPAN><BR /><SPAN>JkMount /alfresco/* ajp13</SPAN><BR /><BR /><SPAN>Therefore, when i try to access </SPAN><A href="http://myserver/alfresco/webdav" rel="nofollow noopener noreferrer">http://myserver/alfresco/webdav</A><SPAN>, it's doing match with the second line and then it redirects my request to CAS and then throw me a 302 error that the object has been moved temporarily. I don't know what to do so that when i try to access </SPAN><A href="http://myserver/alfresco/webdav" rel="nofollow noopener noreferrer">http://myserver/alfresco/webdav</A><SPAN> it doesn't redirect me to the initial CAS login page.</SPAN><BR /><BR /><SPAN>In fact, i wouldn't mind that users will have to login again to use WebDAV while it works.</SPAN><BR /><BR /><SPAN>Thanks in advance.</SPAN></BODY></HTML> Mon, 13 Sep 2010 10:20:58 GMT imdea 2010-09-13T10:20:58Z https://connect.hyland.com/t5/alfresco-archive/alfresco-s-webdav-with-cas-sso/m-p/220010#M173140 Hi guys,I've configured alfresco + CAS already, so using only the "alfresco web interface" it's working fine. We use Alfresco's WebDAV a lot but after configuring CAS i can't use WebDAV anymore since in the apache2 configuration file i had to put these lines:JkMount /alfresco ajp13JkMount /alfresco/ Mon, 13 Sep 2010 10:20:58 GMT https://connect.hyland.com/t5/alfresco-archive/alfresco-s-webdav-with-cas-sso/m-p/220010#M173140 imdea 2010-09-13T10:20:58Z https://connect.hyland.com/t5/alfresco-archive/alfresco-s-webdav-with-cas-sso/m-p/220011#M173141 <HTML><HEAD></HEAD><BODY><SPAN>I'm new with mod_auth_cas and mod_jk but I'm doing this right now and that's what I think about the subject. If I'm wrong please correct me:</SPAN><BR /><BR /><SPAN>The problem is not related to the JkMount points, they are doing their job right. This mounts just "connect" your apache httpd server with tomcat, they are not responsible for CAS authentication.</SPAN><BR /><BR /><SPAN>In some other configuration file, the one related to mod_auth_cas you have "Location" entry protecting whole "/alfresco" path. I change it to this:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE><BR />&lt;Location /alfresco/faces&gt;<BR />AuthType CAS<BR />AuthName "CAS"<BR />require valid-user<BR />CASScope /alfresco<BR />&lt;/Location&gt;<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>This makes only "/alfresco/faces" be protected. I don't think this is a security risk because when no CAS credentials are supplied but Alfresco Explorer authentication is required Alfresco will jump to "/alfresco/faces/jsp/login.jsp" and, of course, then CAS will fire.</SPAN><BR /><BR /><SPAN>That way /alfresco/webdav (which uses HTTP authentication) will just use "normal" authentication, and the same applies for /alfresco/service or whatever. </SPAN><BR /><BR /><SPAN>Of course you'll need to chain additional authentication subsystems in order for this other services to authenticate. Tipycally you will chain the same methods that your CAS uses, for example if your CAS uses LDAP authentication, then you'll chain in alfresco the external authentication method (for CAS), as well as the LDAP subsystem (for other authentications).</SPAN><BR /><BR /><SPAN>Hope it helps.</SPAN></BODY></HTML> Tue, 16 Nov 2010 18:51:57 GMT https://connect.hyland.com/t5/alfresco-archive/alfresco-s-webdav-with-cas-sso/m-p/220011#M173141 iblanco 2010-11-16T18:51:57Z